General

  • Target

    Product Requirement Specification Design And Size.rar

  • Size

    607KB

  • Sample

    240619-ld7kqssdkj

  • MD5

    0ffb618fe427993e84548dde05d50f3b

  • SHA1

    8b4db2e677b7a12009bf73cd7dadfe92c6a7a64e

  • SHA256

    43377c97deeedaffc61f4ee0fef739c09911922799097a59700d337349e6c92c

  • SHA512

    0cbe399b99ce811146218cac2012dead2965e63ccd6cfea712daab0d0ecafffa69ca1a2b4f2239346091d222a8ee621b5253f73ea15416f2e043968087f65611

  • SSDEEP

    12288:G5b3RMRGnBmz8UjG3HbO+SJn4Hnm00GaCegP6sK+aNMQoGuNtsx6A:GbuEkzdjITUUm3kHxGCtIN

Malware Config

Extracted

Family

agenttesla

Credentials

Targets

    • Target

      Product Requirement Specification Design And Size.scr

    • Size

      2.5MB

    • MD5

      0a7933f748a53ce9ad76e8d5238f1111

    • SHA1

      900a7a85dc5942edc79237c90c245e3260140a2f

    • SHA256

      b6df164c8a4e41c49648f77f6fd6e60002a5181eb8ec117e7b9e8c8a6cefab53

    • SHA512

      4fff17a844423c72b87a0dfea5194c679cbeaf58f9da9b2f3766f1e5a7c8d0505cb203e1d46dd0a0efe308acf52bfaffe093585f440fe119f814a30ae2e6680a

    • SSDEEP

      12288:upGbwS3rh+3j2SFDeVXvSHkdgxUXIeAYfzx4+GViLVErJrQsCh:sgojTQgxUXILeShVIUJK

    • AgentTesla

      Agent Tesla is a remote access tool (RAT) written in Visual Basic.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext
